Nmap Development mailing list archives
new service probes matches (Re: Nmap-dev-only unofficial Nmap 3.51-TEST2)
From: Martin Mačok <martin.macok () underground cz>
Date: Mon, 8 Mar 2004 10:06:47 +0100
On Sun, Mar 07, 2004 at 10:57:08PM -0800, Fyodor wrote:
I have just put up an unofficial 3.51-TEST2 release in the dist directory ( http://download.insecure.org/nmap/dist/?M=D ).
My patch against nmap-service-probes 1.35 is at http://xtrmntr.org/ORBman/tmp/nmap-service-probes.patch * new matches - POP3 AnalogX Proxy - SMTP AnalogX Proxy - SGI Performance Co-Pilot - AIX rexecd - AIX rlogin - AIX rshd - another Lotus Notes POP3 match - another Postfix SMTP match - another Kerio PF services matches - another IBM HTTP Server (Apache) match - another two Oracle HTTP Server matches - another IBM Websphere Application server match - another JRun Webserver match - another pdnsd match * fixes: - Kerio PF services names somewhat unified - webfs match generalized - missing \r in Kazaa HTTP match - missing d in pdnsd name * TODO: - fix broken $Revision X.Y$ entries in the file messing with CVS (lines prepended with #FIXME - I don't know how exactly they should look like) - I have seen behaviour when sometimes GetRequest missed and HTTPOptions matched (with the same pattern), sometimes not ... probably the host was too slow ? - some probes are commented out to not slow down the scan in general case, but they're there if someone wants them (handy) - There are some entries with "(?)" string in their names. These are the ones I'm not 100% sure with them but still better than nothing? For example - have you ever seen HTTP server with Content-Location: http://[ip.address]/xy other than MS IIS? Some of them I'm not sure with (I have (almost :-) no control of the machine) but I saw them in different hosts always on the same OS and same well-known port (MS DTC/ERROR case)... Martin Mačok --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- Nmap-dev-only unofficial Nmap 3.51-TEST2 Fyodor (Mar 07)
- new service probes matches (Re: Nmap-dev-only unofficial Nmap 3.51-TEST2) Martin Mačok (Mar 08)